rtcbad

@oskam,

There was a recent critical vulnerability found, detailed here:

https://woocommerce.com/posts/critical-vulnerability-detected-july-2021/

As noted in that blog post, WooCommerce pushed out updates to each of the release branches. This is why you saw your WooCommerce plugin updated from whatever previous 3.9.x version you were running, to this latest 3.9.4 release branch.

As you can see, this is good since your site is now no longer affected by that critical vulnerability! Also, as @rainfallnixfig recommended, it would still be a good idea to update your WordPress, WooCommerce, and other plugins and themes, to the latest versions as soon as feasible.

I Hope this helps explain the situation!

• This reply was modified 3 years, 8 months ago by rtcbad. Reason: Reiterate need to stay up-to-date
• This reply was modified 3 years, 8 months ago by rtcbad. Reason: fix grammar

You are welcome @wfasa!

@wfyann, thank you for the clarification, as I see now that the setting is for SSL verification and not connectivity! ??

I will continue to use my workaround until our new servers arrive and we can upgrade and support TLS >= 1.1.

Thanks again!

There are two kinds of WordPress web sites. Those hosted on WordPress.com’s servers (like your site) and those hosted elsewhere. Only web sites hosted on the WordPress.com servers are affected by the security plugin restriction you noted. All WordPress web sites hosted elsewhere don’t have this restriction.

Hope this clarifies the situation!